Open Sesame: A Safer Way to Log In To Your Google Accounts

Jan 16, 2012

Google has introduced an interesting new way for logging into your Google accounts by just scanning a QR code on the screen and without having to actually type your password into a computer. To use this new feature, just head over to https://accounts.google.com/sesame and a QR code will appear on your screen. Scan the barcode on your phone (you can use any app that can read QR codes for this, including the popular RedLaser app on the iPhone or Google's own apps).

This new log-in mechanism will be especially useful when you are using a public computer where you can't be sure that somebody hasn't installed a keylogger or a similar device.

The feature was first described by Walter Chang on Google+, though it's possible that this tool has been available for longer.

How it Works

Here is how it works: Google presents you with a one-time use barcode on the screen. You scan the code and your mobile scanner app will recognize that it's a link and take you to your mobile browser. Google will then ask you to type in your password on your phone and to confirm that you really want to log in on the computer, too. Once confirmed, your desktop browser will receive notice from Google that you are good to go and open a Gmail session for you.

Caveats

Now, obviously, as the good folks on HackerNews point out, if you are on a computer you don't fully trust, you can never be 100% sure that whoever installed a keylogger on the machine isn't also doing other nefarious things while you are logged in.

Still, this is definitely safer than just typing your password on a computer that isn't yours and may even add some extra security for those who sometimes have to work on unsecured WiFi networks as well.